Cloud Information System Security Engineer (ISSE) - RMF
Washington DC/Lexington Park/PAXR, MD
Requires US Citizenship
Employment Term and Type: Regular, Full Time Required Security Clearance: (Minimum for hire) Secret
Required Education: (Minimum for hire) Bachelor’s or Six (6) years of relevant professional experience may be substituted for the bachelor’s degree Salary Band: $170,000 - $185,000
Job Description: Provide comprehensive Risk Management Framework (RMF) support for the U.S. Navy’s FlankSpeed cloud initiative, ensuring IL6 systems achieve and maintain Authorization to Operate (ATO) and Authorization to Proceed (ATP) in compliance with DoD, DON, and NIST cybersecurity requirements. Deliver expert support across the RMF lifecycle, including system categorization, security control selection, tailoring, and documentation development. Support assessment preparation, continuous monitoring, and security engineering activities necessary to sustain secure system operations. Coordinate with Navy cybersecurity stakeholders to ensure alignment with enterprise requirements and policies. Ensure all RMF activities adhere to CNSSI 1253, NIST SP 800-53/53A, DoDI 8510.01, and DON CIO policy, and DoD cloud/enterprise control inheritance requirements. Also support documentation, assessment readiness, and ongoing authorization efforts for assigned systems. Overall, the position is critical to maintaining compliance, strengthening cybersecurity posture, and enabling the secure modernization of FlankSpeed IL6 capabilities. Primary Duties and Responsibilities:
Execute the full Risk Management Framework (RMF) lifecycle for Navy FlankSpeed IL6 cloud systems, including system categorization, control selection, tailoring, and authorization support.
Develop, maintain, and update RMF documentation and artifacts, including System Security Plans (SSP), Security Assessment Plans (SAP), Plans of Action and Milestones (POA&M), system inventories, data flow diagrams, and related technical documentation.
Analyze vulnerability and compliance scan results (e.g., ACAS, STIGs, SCAP, MDE), validate findings, and coordinate remediation activities with system owners, engineers, and administrators.
Identify, document, and validate inherited security controls from cloud service providers and enterprise services, ensuring accurate representation within RMF packages and eMASS.
Support configuration and change management processes by conducting Security Impact Assessments (SIAs) and advising Configuration Control Boards (CCBs) on cybersecurity risks.
Perform and/or support security control assessments in accordance with NIST SP 800-53A, including evidence collection, validation, and coordination with Security Control Assessors (SCAs).
Maintain accurate and up-to-date eMASS records, including control implementation status, assessment results, and POA&M tracking throughout the RMF lifecycle.
Plan, coordinate, and execute continuous monitoring activities and Annual Security Reviews (ASRs), including risk reporting and remediation tracking.
Support incident response and contingency planning activities, ensuring procedures are current and aligned with Navy cybersecurity requirements.
Participate in cybersecurity governance forums, including Cybersecurity Status Reviews (CSRs), Security Working Groups (SWGs), and CCBs, to communicate system risk posture and status.
Lead or support transition efforts from NIST SP 800-53 Rev. 4 to Rev. 5, including control re-baselining, artifact updates, and reauthorization activities.
Support system modernization, technology refresh initiatives, and cloud capability enhancements by performing security impact analyses and updating RMF documentation accordingly.
Ensure compliance with applicable DoD, DON, and NIST policies, including CNSSI 1253, DoDI 8510.01, and DON CIO guidance.
Provide clear, timely communication and reporting of cybersecurity posture, risks, and authorization status to stakeholders and Navy leadership.
Required Qualifications:
Minimum of five (5) years of experience performing duties aligned with Risk Management Framework (RMF), cybersecurity compliance, and system authorization activities as described above.
At least two (2) years of experience supporting RMF or cybersecurity functions within a Navy/DoD cloud environment (e.g., IL5/IL6, cloud service providers, or enterprise cloud platforms).
Hands-on experience with eMASS for managing RMF packages, control assessments, and POA&M tracking.
Active DoD 8570/8140 compliant baseline certification (e.g., CompTIA Security+ CE, CISSP, SSCP, or equivalent) is required prior to start.
Desired Qualification:
Familiarity with NIST SP 800-53 Rev. 5 and experience supporting transition efforts from Rev. 4 to Rev. 5.
Experience analyzing and remediating vulnerabilities using tools such as ACAS, STIG Viewer, SCAP Compliance Checker, and Microsoft Defender for Endpoint (MDE).
Knowledge of DoD and DON cybersecurity policies, including CNSSI 1253, DoDI 8510.01, and DON CIO guidance.
Experience with cloud security concepts, including control inheritance, shared responsibility models, and CSP-provided controls.
Prior experience supporting security control assessments or working with Security Control Assessors (SCAs).
Familiarity with configuration management processes and participation in Configuration Control Boards (CCBs).
Experience supporting continuous monitoring programs, including Annual Security Reviews (ASRs) and risk reporting.
Strong analytical, documentation, and communication skills with the ability to brief cybersecurity risk posture to technical and non-technical stakeholders.
Certified Information Systems Security Professional (CISSP)
Bachelor’s degree in one of the following fields: Engineering (any discipline), Computer Science, Information Technology, or other technical discipline. (Six (6) years of relevant professional experience may be substituted for the bachelor’s degree.)
Security Clearance Requirements: Secret
Physical, Work Environment & Conditions:
Typical office environment:
Must be able to sit or stand at a workstation for extended periods.
Occasional standing while working in server rooms.
Must be able to view computer screens for long periods.
Ability to distinguish color-coded cabling and indicator lights.
May require walking between different buildings or workstations.
Must be able to communicate clearly with technical teams and end-users.
May need to hear alarms, server beeps, or equipment noises indicating issues
This position description is not intended as, nor should it be construed as, exhaustive of all responsibilities, skills, efforts or working conditions associated with this job. This and all positions are eligible for organization-wide transfer. Management reserves the right to assign or reassign duties and responsibilities at any time.
Company Overview: FGS LLC is an international, leading-edge provider of technical services to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turn-key solutions include the design, engineering, deployment operations, and sustainment of secure technology and critical infrastructure for the protection and safety of our customers' mission-critical information, processes, and personnel. Demonstrating an unyielding commitment to our customers, superior trust and dedication with our partners, and leading-edge technical expertise over the past seven years, FGS has experienced explosive growth providing superior services throughout the world, from North America and the Pacific Rim to the Middle East and Europe.
FGS provides secure, leading edge technology and process management services to military, government, and commercial clients worldwide.
FGS offers a generous compensation package including health, dental, vision, 401(k), group life insurance, educational reimbursement, among other benefits.
We value our employees and strive to offer many opportunities for professional growth.
#cjpost – Cloud Engineering FGS, LLC is an Equal Opportunity Employer as to all protected groups, including protected veterans and individuals with disabilities